so the kernel can send d-bus messages

Colin Walters walters at verbum.org
Sun Jul 25 17:12:04 PDT 2004


On Mon, 2004-07-26 at 01:41 +0200, Maciej Katafiasz wrote:

> I never liked idea of X server bringing down whole session, but OTOH I
> do understand it'd lead to doubling program logic if we were to support
> crash recovery without much real gain. So I won't argue furthere here.
> But I must ask - why is the default socket for session bus name
> constructed by appending random junk to /tmp/dbus, instead of
> predictable scheme like /tmp/$username/dbus-session?

One good reason is because a predictable scheme allows a simple denial
of service attack:

mkdir /tmp/otheruser

Where otheruser hasn't logged in yet.




More information about the dbus mailing list